The attacker who claims to have hacked Uber might not have completed a lot harm. The car-sharing firm has decided that there’s “no proof” that the attacker gained entry to delicate person knowledge, corresponding to journey historical past. All providers are working usually and the corporate has restored using inside software program that was disabled after the breach was found.
Uber mentioned nothing extra concerning the alleged perpetrator or the character of the incident. Beeping Pc says he noticed screenshots from the hacker that allegedly present Uber’s IT sources, together with its Amazon Internet Providers console, Google Workspace dashboard, and digital machines. The perpetrator additionally gained entry to Uber’s bug bounty program, suggesting he may need identified about safety holes that the corporate did not essentially repair.
The account data appears to be dependable. Nonetheless, there are considerations that the attacker may entry the supply code or promote the bounty knowledge to different hackers who may use the vulnerabilities in their very own campaigns. There are potential penalties within the coming days, even when Uber riders don’t have any fast trigger for concern.
All merchandise beneficial by Engadget are chosen by our editorial workforce independently of our dad or mum firm. A few of our tales include affiliate hyperlinks. If you happen to purchase one thing by way of considered one of these hyperlinks, we might earn an affiliate fee. All costs are present on the time of publication.